MAL-2026-621 Malicious code in base-local-planner (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c0cb640a181ee8e6c31d4f0f87e8768b7a67b70174dd65794e8d980909eac8a3 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Tenda AX1803 Buffer Overflow Vulnerability (CNVD-2026-10638)

Tenda AX1803 is a dual-band Gigabit WIFI6 router from Tenda China. The Tenda AX1803 suffers from a buffer overflow vulnerability caused by incorrect boundary checking in the GetWifiGuestBasic function of the /goform/WifiGuestSet file. An attacker could exploit this vulnerability to execute...

Microsoft Windows Script Host 5.812 File Generator

Microsoft Windows Script Host version 5.812 .vbs file generation tool that can be used to establish persistence on Windows systems...

iccDEV security vulnerability

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.1 contained security vulnerabilities. These vulnerabilities were caused by undefined behavior and null pointer dereferencing in the CIccProfileXml::ParseBas...

CVE-2026-22469

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in mwtemplates DeepDigital deepdigital allows Code Injection.This issue affects DeepDigital: from n/a through = 1.0.2...

CVE-2026-1329

CVE-2026-1329 affects Tenda AX1803, v1.0.0.1. A stack-based buffer overflow exists in the fromGetWifiGuestBasic function in /goform/WifiGuestSet. Attackers can remotely manipulate arguments such as guestWrlPwd, guestEn, guestSsid, hideSsid, and guestSecurity to trigger the overflow. Exploitation ...

VulnCheck KEV: CVE-2025-8829

A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this vulnerability is the function umred of the file /goform/RPsetBasicAuto. The manipulation of the argument hname leads to os command injection. The attack can be launched...

Failed to perform post-processing for plug-in. Error: The issuer certificate does not have a Basic Constraints extension.

Challenge After upgrading a Windows-based Veeam Backup & Replication deployment to version 13.0.1 or higher, the following error may occur: Failed to perform post-processing for plug-in $pluginName Linux $machine Error: The issuer certificate does not have a Basic Constraints extension. Examples:...

CVE-2026-1156

A vulnerability was determined in Totolink LR350 9.3.5u.6369B20220309. Affected by this issue is the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument ssid causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

MiracleLinux 8 : python3-3.6.8-39.el8.ML.1 (AXSA:2021-2524:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2524:05 advisory. python: urllib: Regular expression DoS in AbstractBasicAuthHandler CVE-2021-3733 Tenable has extracted the preceding description block directly from the...

MAL-2026-352 Malicious code in medifile (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5c005d95a9b1b91118e9306168ce69163190184714fe53c65b7ba716e867c8da Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

EulerOS 2.0 SP10 : cups (EulerOS-SA-2026-1022)

According to the versions of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the AuthTyp...

EulerOS 2.0 SP10 : cups (EulerOS-SA-2026-1043)

According to the versions of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the AuthTyp...

CVE-2025-40942

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.4. Affected application contains a local privilege escalation vulnerability that could allow an attacker to run arbitrary code with elevated privileges...

Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2026-1022)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2026-1043)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: Do not block the input queue by waiting for the MSC response. Currently, the gsmqueue function processes incoming frames. When opening a DLC channel, it calls gsmdlciopen, which in turn calls gsmmodemupdate. If the bas...

CVE-2025-40942

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.4. Affected application contains a local privilege escalation vulnerability that could allow an attacker to run arbitrary code with elevated privileges...

CVE-2025-40942

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.4. Affected application contains a local privilege escalation vulnerability that could allow an attacker to run arbitrary code with elevated privileges...

CVE-2025-40942

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.4. Affected application contains a local privilege escalation vulnerability that could allow an attacker to run arbitrary code with elevated privileges...